VDB
CVE-2024-7348
CVE-2024-7348
PUBLISHED
CVSS 8.800000190734863 HIGH
A ‘time-of-check time-of-use’ (TOCTOU) race condition in a PostgreSQL can allow an attacker to easily execute arbitrary SQL functions by leveraging a PostgreSQL utility often executed with high privileges.
EPSS 0.74% · 73.4th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C
EPSS Score
0.74%
73.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.3 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.4 SP1 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU2 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.4 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU1 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.4 SP2 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.2 | |
| ABB | ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU3 |
Exploit Intelligence
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
- CVEDatabase.swift (github-poc)
…and 102 more exploits
Timeline
- Aug 8, 2024 CVE Published
- Aug 13, 2024 EPSS Score
- Aug 22, 2024 CVE Updated
- Sep 3, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 14, 2024 EPSS Score
- Nov 4, 2024 EPSS Score
- Nov 25, 2024 EPSS Score
- Dec 17, 2024 EPSS Score
- Jan 28, 2025 EPSS Score
- Feb 17, 2025 EPSS Score
- Mar 10, 2025 EPSS Score
References
- https://psirt.abb.com/csaf/2026/7paa017341.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA017341&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA014844D2421&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ001006T0001&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA121027&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ000602T0001&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA018617&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA122516&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA120528&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ000368D0066&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-7348 advisory